The week in security: Obama promotes breach sharing, hackers do same

Big-name security tools aren't catching anywhere near all of the malware they are presented with, according to the latest lab testing results from Enex Labs, which found during testing in the second half of 2014 that as many as 100 percent of tested malware was making it through the defences of eight popular security tools. The results were corroborated by a FireEye study that found traditional security defences simply are not stopping security breaches.

Little wonder that setting and practising security responses topped security priorities for this year, according to a Dimension Data survey. Much of that effort will relate to the management of mobile devices – including many that were enthusiastically received by employees for Christmas – although statistics suggesting most companies have no idea about the internal use of 'shadow IT' suggest they have other priorities too.

US president Barack Obama was in the news as he outlined a raft of cyber-security related initiatives, in advance of his State of the Union address and on the back of the international hubbub over North Korea's high-profile hacking of Sony Pictures. Reports had Obama moving to speed the reporting of consumer data breaches, while he also encouraged companies to be more forthcoming in sharing information about cyber-attacks. The US and UK will also collaborate to test and improve their respective cybersecurity efforts. Obama's formal declaration called for a privacy bill of rights and set a 30-day limit for companies to notify customers of a data breach. Obama was also calling for immunity from prosecution for companies that actively shared information on their breaches. Security experts relished the attention on cyber issues but some questioned whether Obama had gone far enough.

Yet consumer breaches were only part of the puzzle: the Twitter and YouTube accounts of US Central Command – which has been directing the airstrikes on ISIS terrorists in Iraq and Syria – were hacked by 'cyber-jihadists' in another high-profile breach. The embarrassing incident was a reminder of the high stakes as the fight against terrorists increasingly moves into the online world (another reminder would be the malware that was dished up recently to visitors to North Korea's official news agency).

EU ministers were also weighing in on cyber-security matters, with a call for ISP cooperation in the wake of the Charlie Hebdo shootings. As if to prove the point, a parody site pretending to be a BBC Web site went offline after running a fabricated story about the attack. Several high-profile French media websites also went offline, although their hosting company quickly quelled rumours of a widespread cyber-attack.

Yet citizens in Holland were fighting back, suing the government over planned data retention laws. Given that law-enforcement authorities like the FBI have expanded their access to surveillance programs in recent years, it can surprise few that citizens are concerned.

Encryption has been floated as one tool in the fight against surveillance and data theft, but just because an application uses encryption doesn't always mean it's secure. Yet some implementations may be so secure that they can't be eavesdropped upon – which could, if UK PM David Cameron has his way, see the likes of WhatsApp and SnapChat banned in that country. That's hardly likely to impress users who enjoy the use of encryption to protect their private information.

Encryption can be overrated, some experts warn: in many situations it may be available but not worth the bother. Many would be more concerned about an Instagram flaw that allowed outsiders to view private photos if they had once been marked for public viewing, although another reason for that might be the pervasive breaches such as an evolving WhatsApp spam campaign or the Facebook scam trafficking in purportedly leaked Snapchat photos.

Google annoyed Microsoft after releasing the details of the second privilege escalation flaw in Windows 8.1 in just a few weeks – and doing so just days before Microsoft's Patch Tuesday fix would have been released. This decision drew criticism for Google from the Trustworthy Software Initiative, but didn't stop Google from following up with two more disclosures.

But Google proved to be pulling its weight, too, stopping a widespread malvertising attack even as Symantec shared details of a new phishing attack targeting users' LinkedIn credentials. Indeed, figures from Akamai suggested that hackers were exploring a range of new avenues as the volume of DDoS attacks plateaued.

One older attack proved to be back for a second run, however, as the notorious CryptoWall ransomware emerged once again in a new version and Carberp banking malware targeted Australian accounts. Figures suggested UK mobile malware was surprisingly in decline, although those that were hit with ransomware might find the experience less frustrating as there were suggestions the cyber-criminals had gained a new respect for clean interface design and customer service to simplify the process of paying their extortion fees.

This article is brought to you by Enex TestLab, content directors for CSO Australia.
